Security Affairs newsletter Round 409 by Pierluigi Paganini

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box.

If you want to also receive for free the newsletter with the international press subscribe here.

FiXS, a new ATM malware that is targeting Mexican banks
BidenCash leaks 2.1M stolen credit/debit cards
Pegasus spyware used to spy on a Polish mayor
Hundreds of thousands of websites hacked as part of redirection campaign
MQsTTang, a new backdoor used by Mustang Panda APT against European entities
Trusted Platform Module (TPM) 2.0 flaws could impact billions of devices
The U.S. CISA and FBI warn of Royal ransomware operation
Retailer WH Smith discloses data breach after a cyberattack
GunAuction site was hacked and data of 565k accounts were exposed
Cryptojacking campaign targets insecure deployments of Redis servers
Cisco fixed a critical command injection bug in IP Phone Series
Threat actors target law firms with GootLoader and SocGholish malware
Canada is going to ban TikTok on government mobile devices
BlackLotus is the first bootkit bypassing UEFI Secure Boot on Windows 11
Satellite TV giant Dish admitted that the recent outage was caused by a ransomware attack
Parallax RAT used in attacks aimed at cryptocurrency entities
Google Gmail client-side encryption is available globally
Bitdefender released a free decryptor for the MortalKombat Ransomware family
U.S. Marshals Service suffers a ransomware attack
CISA adds ZK Java Web Framework bug to Known Exploited Vulnerabilities Catalog
Resecurity identified the investment scam network ‘Digital Smoke’
LastPass: hackers breached the computer of a DevOps engineer in a second attack
Threat actors leak Activision employee data on hacking forum
PlugX Trojan disguised as a legitimate Windows open-source tool in recent attacks
Dutch Police arrests 3 men involved in a massive extortion scheme. One of them is an ethical hacker
PureCrypter used to deliver AgentTesla to govt organizations
ChromeLoader campaign uses VHD files disguised as cracked games and pirated software
Ransomware attack on food giant Dole Food Company blocked North America production
Pro-Ukraine hackers CH01 defaced tens of Russian websites on the invasion anniversary
News Corp says hackers first breached its systems between Feb 2020 and Jan 2022

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, newsletter)

The post Security Affairs newsletter Round 409 by Pierluigi Paganini appeared first on Security Affairs.